Use of Gateway Subnet on Azure
As for as I know, the gateway service looks like a router service or device that can enable routing transit between on-premise and Azure. Per Doc, it says that
The Azure gateway subnet is needed by Azure to host the two virtual machines of your Azure gateway. Specify an address space with at least a 29-bit prefix length (example: 192.168.15.248/29). A 28-bit or smaller prefix length is recommended, especially if you are planning to use ExpressRoute.
Here is a similar case for your references.
Related videos on Youtube
17 : 14
13 : 04
14 : 09
02 : 47
09 : 40
7_R3X
Linux Lover, Open Source Lover; Crazy Programmer; Algorithm Designer; Cyber-Security Enthusiast and a Typical Computer Nerd. 3:) Security blogger at and the creator of Crackerscreed.org
Updated on September 18, 2022Comments
-
7_R3X almost 2 years
I'm trying to create a Point-to-Site(P2S) VPN on Microsoft Azure and in order to do so I created a VNet, created a couple of subnets under the VNAT and then I read that I need to create a "Gateway Subnet" to be able to attach a network gateway to my VNet. I couldn't understand why does a Gateway (which, according to my understanding, is simply a router) would need its own subnet?
Upon further digging, I stumbled upon Azure VPN Gateway FAQs but all it says is:
The gateway subnet contains the IP addresses that the virtual network gateway services use.
And
When you create the gateway subnet, you specify the number of IP addresses that the subnet contains. The IP addresses in the gateway subnet are allocated to the gateway service.
I wonder which gateway services are these?
-
Admin almost 6 yearsits a service limitation, just do what it says and you are okay.
-
-
7_R3X almost 6 yearsThe answer to the link that you referred mentions - "We need 2 IP addresses from your routing domain for us to enable routing between your premises and the cloud.". I don't understand why is it so? Can't we route the traffic from AzureNet to on-premise having two interfaces(one facing on-premise net and the other to the AzureNet) connected to the gateway?
-
Nancy Xiong almost 6 yearsJust like my Quoted segment, Gateway subnet must have at least 2 IP addresses which can be used for routing the traffic from one network to another network. The azure background is responsible for this actions, we just remain the gateway subnet address range, A 28-bit or smaller prefix length is recommended. You's good to configure your P2S connection, gateway subnet will handle the routing rules which we can not see it directly. You do not worry about it more.
